SafeLLVM: LLVM Without The ROP Gadgets!
Federico Cassano, Charles Bershatsky, Jacob Ginesin, Sasha Bashenko

TL;DR
SafeLLVM is a compiler-based approach that reduces ROP gadgets in x86-64 binaries, enhancing memory safety without altering program functionality, thereby preventing ROP attacks effectively.
Contribution
We developed LLVM compiler passes that minimize ROP gadgets in binaries, providing a practical solution to improve memory safety against ROP exploits.
Findings
Prevents ROP attacks in real-world applications
Maintains original program functionality
Reduces number of gadgets significantly
Abstract
Memory safety is a cornerstone of secure and robust software systems, as it prevents a wide range of vulnerabilities and exploitation techniques. Among these, we focus on Return-Oriented Programming (ROP). ROP works as follows: the attacker takes control of the program's execution flow via a memory corruption attack, then takes advantage of code snippets already in the program's memory, dubbed "gadgets," to achieve the attacker's desired effect. In this paper, we introduce SafeLLVM, an approach to minimize the number of gadgets in x86-64 binaries compiled with the LLVM infrastructure. Building upon the techniques outlined in previous works, we implement a series of passes within the LLVM compiler's backend to minimize the number of gadgets present and thus prevent ROP attacks. We evaluated our approach by compiling a number of real-world applications, including cJSON, zlib, curl, and…
Taxonomy
Topics: Security and Verification in Computing · Advanced Malware Detection Techniques · Cloud Data Security Solutions
